Uploaded image for project: 'Magnolia'
  1. Magnolia
  2. MAGNOLIA-7029

YAML decorator file path matching is ambiguous

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Fixed
    • Icon: Neutral Neutral
    • 5.5.5
    • 5.5.4
    • None
    • None
    • Yes
    • Basel 96, Basel 97
    • 5

      Regex-based resource path matcher against decoration path convention does not restrict the module name char set, e.g. it permits forward slashes.

      This leads to the ambiguities as such:

      • /foo/decorations/bar/templates/blocks/baz.yaml - is a legit template decorator of a template in module bar.

      However, as far as decorator matcher is concerned the same path also evaluates to a content editor's BlockDefinition decorator (stored in blocks registry):

      • /foo/decorations/bar/templates/blocks/baz.yaml - the target module path though is bar/templates in this case, which is of course an invalid module name and such path should've never matched at all!

      Solution to this would be to restrict the allowed characters in module name pattern to alpha-numeric ones.
      Otherwise, there's a chance of "unwanted decoration" the result of which is un-predictable, hard to trace and may lead to exceptions like the following:

      2017-05-12 17:37:30,326 ERROR .magnolia.ui.admincentral.AdmincentralErrorHandler: AdmincentralUI has encountered an unhandled exception.
com.vaadin.server.ServerRpcManager$RpcInvocationException: Unable to invoke method pickNewBlock in info.magnolia.editor.gwt.shared.body.ContentBodyServerRpc
	at com.vaadin.server.ServerRpcManager.applyInvocation(ServerRpcManager.java:162)
	at com.vaadin.server.ServerRpcManager.applyInvocation(ServerRpcManager.java:118)
	at com.vaadin.server.communication.ServerRpcHandler.handleInvocation(ServerRpcHandler.java:437)
	at com.vaadin.server.communication.ServerRpcHandler.handleInvocations(ServerRpcHandler.java:408)
	at com.vaadin.server.communication.ServerRpcHandler.handleRpc(ServerRpcHandler.java:273)
	at com.vaadin.server.communication.UidlRequestHandler.synchronizedHandleRequest(UidlRequestHandler.java:90)
	at com.vaadin.server.SynchronizedRequestHandler.handleRequest(SynchronizedRequestHandler.java:41)
	at com.vaadin.server.VaadinService.handleRequest(VaadinService.java:1414)
	at com.vaadin.server.VaadinServlet.service(VaadinServlet.java:365)
	at info.magnolia.ui.admincentral.AdmincentralVaadinServlet.service(AdmincentralVaadinServlet.java:131)
	at javax.servlet.http.HttpServlet.service(HttpServlet.java:729)
	at info.magnolia.cms.filters.ServletDispatchingFilter.doFilter(ServletDispatchingFilter.java:148)
	at info.magnolia.cms.filters.AbstractMgnlFilter.doFilter(AbstractMgnlFilter.java:85)
	at info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:79)
	at info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:81)
	at info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:81)
	at info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:81)
	at info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:81)
	at info.magnolia.cms.filters.CompositeFilter.doFilter(CompositeFilter.java:65)
	at info.magnolia.cms.filters.AbstractMgnlFilter.doFilter(AbstractMgnlFilter.java:85)
	at info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:79)
	at info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:81)
	at info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:81)
	at info.magnolia.cms.filters.VirtualUriFilter.doFilter(VirtualUriFilter.java:69)
	at info.magnolia.cms.filters.AbstractMgnlFilter.doFilter(AbstractMgnlFilter.java:85)
	at info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:79)
	at info.magnolia.module.cache.executor.Bypass.processCacheRequest(Bypass.java:58)
	at info.magnolia.module.cache.executor.CompositeExecutor.processCacheRequest(CompositeExecutor.java:67)
	at info.magnolia.module.cache.filter.CacheFilter.doFilter(CacheFilter.java:220)
	at info.magnolia.cms.filters.AbstractMgnlFilter.doFilter(AbstractMgnlFilter.java:85)
	at info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:79)
	at info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:81)
	at info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:81)
	at info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:81)
	at info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:81)
	at info.magnolia.cms.i18n.I18nContentSupportFilter.doFilter(I18nContentSupportFilter.java:74)
	at info.magnolia.cms.filters.AbstractMgnlFilter.doFilter(AbstractMgnlFilter.java:85)
	at info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:79)
	at info.magnolia.cms.filters.RangeSupportFilter.doFilter(RangeSupportFilter.java:77)
	at info.magnolia.cms.filters.AbstractMgnlFilter.doFilter(AbstractMgnlFilter.java:85)
	at info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:79)
	at info.magnolia.cms.security.BaseSecurityFilter.doFilter(BaseSecurityFilter.java:57)
	at info.magnolia.cms.filters.AbstractMgnlFilter.doFilter(AbstractMgnlFilter.java:85)
	at info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:79)
	at info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:81)
	at info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:81)
	at info.magnolia.cms.security.SecurityCallbackFilter.doFilter(SecurityCallbackFilter.java:84)
	at info.magnolia.cms.filters.OncePerRequestAbstractMgnlFilter.doFilter(OncePerRequestAbstractMgnlFilter.java:59)
	at info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:79)
	at info.magnolia.cms.security.LogoutFilter.doFilter(LogoutFilter.java:94)
	at info.magnolia.cms.filters.OncePerRequestAbstractMgnlFilter.doFilter(OncePerRequestAbstractMgnlFilter.java:59)
	at info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:79)
	at info.magnolia.module.site.filters.SiteMergeFilter.doFilter(SiteMergeFilter.java:119)
	at info.magnolia.cms.filters.AbstractMgnlFilter.doFilter(AbstractMgnlFilter.java:85)
	at info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:79)
	at info.magnolia.multisite.filters.MultiSiteFilter.doFilter(MultiSiteFilter.java:110)
	at info.magnolia.cms.filters.AbstractMgnlFilter.doFilter(AbstractMgnlFilter.java:85)
	at info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:79)
	at info.magnolia.cms.filters.MultiChannelFilter.doFilter(MultiChannelFilter.java:83)
	at info.magnolia.cms.filters.AbstractMgnlFilter.doFilter(AbstractMgnlFilter.java:85)
	at info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:79)
	at info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:81)
	at info.magnolia.module.cache.filter.GZipFilter.doFilter(GZipFilter.java:73)
	at info.magnolia.cms.filters.OncePerRequestAbstractMgnlFilter.doFilter(OncePerRequestAbstractMgnlFilter.java:59)
	at info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:79)
	at info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:81)
	at info.magnolia.cms.security.auth.login.LoginFilter.doFilter(LoginFilter.java:127)
	at info.magnolia.cms.filters.AbstractMgnlFilter.doFilter(AbstractMgnlFilter.java:85)
	at info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:79)
	at info.magnolia.enterprise.registration.RegistrationFilter.doFilter(RegistrationFilter.java:64)
	at info.magnolia.cms.filters.AbstractMgnlFilter.doFilter(AbstractMgnlFilter.java:85)
	at info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:79)
	at info.magnolia.cms.filters.UnicodeNormalizationFilter.doFilter(UnicodeNormalizationFilter.java:89)
	at info.magnolia.cms.filters.AbstractMgnlFilter.doFilter(AbstractMgnlFilter.java:85)
	at info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:79)
	at info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:81)
	at info.magnolia.personalization.preview.filter.PreviewFilter.doFilter(PreviewFilter.java:92)
	at info.magnolia.cms.filters.OncePerRequestAbstractMgnlFilter.doFilter(OncePerRequestAbstractMgnlFilter.java:59)
	at info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:79)
	at info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:81)
	at info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:81)
	at info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:81)
	at info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:81)
	at nl.vi.magnolia.filter.AdvertorialRedirectFilter.doFilter(AdvertorialRedirectFilter.java:42)
	at info.magnolia.cms.filters.AbstractMgnlFilter.doFilter(AbstractMgnlFilter.java:85)
	at info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:79)
	at info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:81)
	at info.magnolia.cms.filters.ContentTypeFilter.doFilter(ContentTypeFilter.java:155)
	at info.magnolia.cms.filters.AbstractMgnlFilter.doFilter(AbstractMgnlFilter.java:85)
	at info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:79)
	at info.magnolia.cms.filters.ContextFilter.doFilter(ContextFilter.java:128)
	at info.magnolia.cms.filters.AbstractMgnlFilter.doFilter(AbstractMgnlFilter.java:85)
	at info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:79)
	at info.magnolia.cms.filters.CompositeFilter.doFilter(CompositeFilter.java:65)
	at info.magnolia.cms.filters.AbstractMgnlFilter.doFilter(AbstractMgnlFilter.java:85)
	at info.magnolia.cms.filters.SafeDestroyMgnlFilterWrapper.doFilter(SafeDestroyMgnlFilterWrapper.java:107)
	at info.magnolia.cms.filters.MgnlFilterDispatcher.doDispatch(MgnlFilterDispatcher.java:67)
	at info.magnolia.cms.filters.MgnlMainFilter.doFilter(MgnlMainFilter.java:108)
	at info.magnolia.cms.filters.MgnlMainFilter.doFilter(MgnlMainFilter.java:94)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:240)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:207)
	at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:212)
	at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:106)
	at org.keycloak.adapters.tomcat.AuthenticatedActionsValve.invoke(AuthenticatedActionsValve.java:68)
	at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:502)
	at org.keycloak.adapters.tomcat.AbstractKeycloakAuthenticatorValve.invoke(AbstractKeycloakAuthenticatorValve.java:185)
	at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:141)
	at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:79)
	at org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:616)
	at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:88)
	at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:528)
	at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1100)
	at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:687)
	at org.apache.tomcat.util.net.AprEndpoint$SocketProcessor.doRun(AprEndpoint.java:2508)
	at org.apache.tomcat.util.net.AprEndpoint$SocketProcessor.run(AprEndpoint.java:2497)
	at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
	at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
	at java.lang.Thread.run(Thread.java:748)
Caused by: java.lang.reflect.InvocationTargetException
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at java.lang.reflect.Method.invoke(Method.java:498)
	at com.vaadin.server.ServerRpcManager.applyInvocation(ServerRpcManager.java:158)
	... 118 more
Caused by: java.lang.NullPointerException
	at com.vaadin.data.util.IndexedContainer$IndexedContainerProperty.setValue(IndexedContainer.java:943)
	at info.magnolia.editor.content.blockpicker.BlockPickerFieldFactory.getBlockDefinitionBeanItemContainer(BlockPickerFieldFactory.java:64)
	at info.magnolia.editor.content.blockpicker.BlockPickerFieldFactory.createFieldComponent(BlockPickerFieldFactory.java:52)
	at info.magnolia.ui.form.field.factory.AbstractFieldFactory.createField(AbstractFieldFactory.java:144)
	at info.magnolia.ui.dialog.choosedialog.ChooseDialogPresenterImpl.start(ChooseDialogPresenterImpl.java:120)
	at info.magnolia.editor.content.blockpicker.BlockPickerHelper.openChooseDialog(BlockPickerHelper.java:82)
	at info.magnolia.editor.content.blockpicker.BlockTypePicker.pickBlockType(BlockTypePicker.java:41)
	at info.magnolia.editor.content.editor.DefaultContentEditor.lambda$new$5(DefaultContentEditor.java:73)
	at info.magnolia.editor.body.ContentBody$1.pickNewBlock(ContentBody.java:103)
	... 123 more

        Acceptance criteria

          1. IMG_12052017_182605_0.png
            126 kB
            Jan Haderka

              ilgun Ilgun Ilgun
              had Jan Haderka
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

                Created:
                Updated:
                Resolved:

                  Bug DoR
                  Task DoD